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AMENDMENTS TO THE CLAIMS 

1 . (Currently Amended) A method of administering a processor-based system, 
said method comprising the steps of: 

implementing at least one compartment for containing containment of at least one 
process executable on said processor-based system; and 

providing , by said processor-based system, at least one operating system command- 
line utility executable to manipulate said at least one compartment. 

2. (Original) The method of claim 1 wherein said at least one compartment 
defines whether said at least one process contained therein is allowed access to particular 
system resources. 

3. (Original) The method of claim 1 wherein said at least one process is labeled 
to identify the compartment in which it is contained. 

4. (Original) The method of claim 1 wherein said at least one command-line 
utility executable to manipulate said at least one compartment comprises at least one 
command-line utility executable to perform at least one type of compartment manipulation 
selected from the group consisting of: 

adding a new compartment, renaming an existing compartment, removing an existing 
compartment, resizing an existing compartment, adding a process to a compartment, and 
removing a process from a compartment. 

5. (Original) The method of claim 1 wherein said implementing step comprises: 
defining said at least one compartment in at least one configuration file. 

6. (Original) The method of claim 5 wherein said at least one command-line 
utility is executable to manipulate said at least one compartment without requiring a user to 
edit said at least one configuration file. 

7. (Original) The method of claim 1 wherein said implementing step comprises: 
providing at least one rule that defines containment of said at least one compartment 

in at least one configuration file. 
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8. (Original) The method of claim 7 further comprising the step of: 
providing at least one command-line utility executable to manipulate said at least one 

rule. 

9. (Original) The method of claim 8 wherein said at least one command-line 
utility executable to manipulate said at least one rule comprises at least one command-line 
utility executable to perform at least one type of rule manipulation selected from the group 
consisting of: 

adding a new rule for a particular compartment, removing an existing rule for a 
particular compartment, and listing all rules for a particular compartment. 

10. (Currently Amended) A system comprising: 
at least one proc e ssor; 

an operating system implementing at least one compartment to which at least one 

process executable on said system can be associated; 

at least one configuration file defining said at least one compartment; and 

means for performing management of said at least one compartment without requiring 

that a user edit said at least one configuration file in which said at least one compartment is 

defined. 

1 1 . (Original) The system of claim 10 wherein said means for performing 
management of said at least one compartment further enables management actions initiated 
via said means for performing management to be performed dynamically, without requiring 
that the system be re-booted in order for said management actions to be effective within said 
system. 

12. (Original) The system of claim 10 wherein said performing management of 
said at least one compartment comprises manipulating said at least one compartment. 

13. (Original) The system of claim 12 wherein said manipulating said at least one 
compartment includes at least one type of manipulation selected from the group consisting of: 

adding a new compartment, renaming an existing compartment, and removing an 
existing compartment, resizing an existing compartment, adding a process to a compartment, 
and removing a process from a compartment. 
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14. (Original) The system of claim 12 wherein said means for performing 
management of said at least one compartment further enables manipulating of said at least 
one compartment to be performed dynamically, without requiring that the system be re- 
booted in order for compartment manipulation to be effective within said system. 

15. (Original) The system of claim 10 wherein said performing management of 
said at least one compartment comprises switching from a first compartment to a second 
compartment. 

16. (Original) The system of claim 10 further comprising: 

at least one configuration file including at least one rule defining containment of said 
at least one compartment. 

17. (Original) The system of claim 16 wherein said performing management of 
said at least one compartment comprises manipulating said at least one rule. 

18. (Original) The system of claim 17 wherein said manipulating said at least one 
rule comprises at least one type of manipulation selected from the group consisting of: 

adding a new rule for a particular compartment, removing an existing rule for a 
particular compartment, and listing all rules for a particular compartment. 

19. (Original) The system of claim 10 wherein said means for performing 
management comprises at least one operating system command-line utility executable to 
manage said at least one compartment. 

20. (Original) A computer-readable medium including instructions executable by 
a processor, said computer-readable medium comprising: 

library of software functions for managing at least one compartment implemented by 
an operating system, wherein at least one process can be associated with said at least one 
compartment and said at least one compartment defines accessibility of resources for said at 
least one process associated therewith; and 

said library of software functions includes at least one command-line utility 
executable to manipulate said at least one compartment. 
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2 1 . (Original) The computer-readable medium of claim 20 wherein at least one 
command-line utility executable to manipulate said at least one compartment includes at least 
one type of manipulation selected from the group consisting of: 

adding a new compartment, renaming an existing compartment, and removing an 
existing compartment, resizing an existing compartment, adding a process to a compartment, 
and removing a process from a compartment. 

22. (Original) The computer-readable medium of claim 20 wherein at least one 
configuration file is implemented on a system to define said at least one compartment. 

23. (Original) The computer-readable medium of claim 22 wherein said at least 
one command-line utility is executable to manipulate said at least one compartment without 
requiring that a user edit said at least one configuration file. 

24. (Original) The computer-readable medium of claim 20 wherein at least one 
rule is implemented to define accessibility of resources allowed for said at least one 
compartment, and wherein said library of software functions further includes at least one 
command-line utility executable to manipulate said at least one rule. 

25. (New) The method of claim 1 wherein said implementing at least one 
compartment comprises: 

utilizing a kernel for enforcing said at least one compartment. 
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